EUROPEAN COMMITTEE FOR STANDARDIZATION COMITÉ EUROPÉEN DE NORMALISATION EUROPÄISCHES KOMITEE FÜR NORMUNG

WORKSHOP CWA AGREEMENT July 2001 ICS

This document may only be used on a stand-alone PC. Use in a network is only permitted when a supplementary license agreement for use in a network with NEN has been concluded.

Financial transactional IC card reader (FINREAD) - Part 3: Security requirements

This CEN Workshop Agreement can in no way be held as being an official standard as developed by CEN National Members.

CEN All rights of exploitation in any form and by any means reserved world-wide for CEN National Members. Ref. No CWA :2001 E

Rue de Stassart, 36 B-1050 Bruxelles Tel : Fax :

Contents

Foreword
Scope
Normative references
Terms, definitions and abbreviations
Terms and definitions
Abbreviations
Assumptions and countermeasures
Assumptions
FCR general assumptions
FCR environment assumptions
Countermeasures
Table 1 Assets and countermeasures
Security requirements
Hardware security requirements
Core software security requirements
Specification of implementation
Secure downloading
Digital signature calculation
Signature verification
Minimum data and parameters signed
Software integrity
FCR authentication
FCR signature calculation
FCR ID
FCR authentication public key certificate
Key management
Overview of certification schemes
Hierarchical tree
Figure 1 Example of hierarchical tree
Cross-certification
Figure 2 Example of cross-certification
Keys used for software download
FCR public root keys
Figure 3 FCR root keys
Figure 4 Key update data package
Public keys used for software download
Figure 5 Example of hierarchical tree certification for software downloading
Figure 6 Example of cross-certification for software downloading
Public key certificates
FCR Master Key
Figure 7 FCR root and master keys
Figure 8 Key replacement data package
Summary
Table 2 Summary of FCR keys
7.3 Keys used for FCR authentication key
Figure 9 FCR authentication keys
Authentication public key certificates
Summary of FCR keys
Figure 10 FCR keys after production
Length of the keys
Cryptographic functions/ random number generator
Cryptographic functions
Random number generation

Foreword

This document has been prepared by CEN /TC WS/FINREAD, "Financial transactional IC card reader (FINREAD)". The production of this CWA (CEN Workshop Agreement) specifying a Financial transactional IC card reader (FINREAD), was formally accepted at the FINREAD Workshop's kick-off meeting on The document has been developed through the collaboration of a number of contributing partners in WS-FINREAD, representing smart card interests as well as financial services. This CWA has received the support of representatives of each of these sectors. A list of company experts who have supported the document's contents may be obtained from the CEN/ISSS Secretariat. This document was approved as CWA at a meeting of the WS-FINREAD participants on , after a final review/endorsement round that was started on The final text was submitted to CEN for publication on after incorporation of the amendments approved on

This CWA consists of the following parts, under the general title Financial transactional IC card reader (FINREAD):

Part 1: Business requirements
Part 2: Functional requirements
Part 3: Security requirements
Part 4: Functional and technical architecture
Part 5: Definition of application programme interfaces (APIs)
Part 6: Definition of the virtual machine
Part 7: FINREAD card reader application programming interfaces (APIs)
Part 8: FINREAD client application programming interfaces (APIs)

1 Scope

This document defines security requirements for the different components of the FINREAD card reader:

it describes assumptions on which the risk analysis performed was based, and countermeasures resulting from the risk analysis;
it lists the security requirements;
it describes the implementation of these requirements;
it describes key management;
it lists cryptographic functions and the random number generator offered by the core software.

2 Normative references

The following normative documents contain provisions, which, through reference in this text, constitute provisions of this CWA. For dated references, subsequent amendments to, or revisions of, any of these publications do not apply. However, parties to agreements based on this CWA are encouraged to investigate the possibility of applying the most recent editions of the normative documents indicated below. For undated references, the latest edition of the normative document referred to applies.

ISO , Banking - Approved algorithms for message authentication - Part 1 : D.E.A.
ISO , Banking Personal Identification Number management and security - Part 1: PIN protection principles and techniques.
ISO , Banking Secure cryptographic devices (retail) - Part 1 : Concepts, requirements and evaluation methods.
ISO , Banking Secure cryptographic devices (retail) - Part 2 : Security compliance checklists for devices used in magnetic stripe card systems.
CWA , Financial transactional IC card reader (FINREAD) - Part 2 : Functional requirements.
CWA , Financial transactional IC card reader (FINREAD) - Part 4 : Functional and technical architecture.
CWA , Financial transactional IC card reader (FINREAD) - Part 5 : Definition of application programme interfaces (APIs).
ANSI draft X9.52, Triple Data Encryption Algorithm Modes of Operation, Revision 6.0, May
ANSI X3.92, American National Standard for Data Encryption Algorithm,
ANSI X3.106, American National Standards for Information Systems, Data Encryption Algorithm - Modes of Operation,
NIST FIPS-PUB 180, Secure Hash Standard, National Institute of Standards and Technology, Department of Commerce, Apr
PKCS #1 : RSA Encryption Standard. Version 1.5. Revised November 1,
PKCS #1 : RSA Encryption Standard. Version 2.1. September 17,
R. Rivest, The MD5 Message Digest Algorithm, RFC 1321, Apr

R. Rivest, A. Shamir, L. Adleman, A method for obtaining Digital Signatures and Public-Key Cryptosystems. Communications of the ACM, vol. 21, n 2, p , Feb
R. Rivest, A. Shamir, L. Adleman, On Digital Signatures and Public-Key Cryptosystems. TR MIT/LCS/TR-212, MIT Laboratory for Science, Jan
Research and Development in Advanced Communication Technologies in Europe, RIPE Integrity Primitives: Final Report of RACE Integrity Primitives Evaluation (R1040), RACE, June
H. Dobbertin, A. Bosselaers, and B. Preneel, RIPEMD-160: A strengthened version of RIPEMD, Proceedings of 3rd International Workshop on Fast Software Encryption, Springer-Verlag (1996),
FIPS PUB (2000) National Institute of Standards and Technology : Digital Signature Standard (DSS).

3 Terms, definitions and abbreviations

3.1 Terms and definitions

For the purposes of the present document, the following terms and definitions apply.

certification authority
an authority trusted by all users to create and assign [public key] certificates. In this document we use the term certification authority in a wider sense. The certification authority's main function is to sign with its private key software modules or recognised entities [CWA XXX-2]

FINREAD Card Reader Application (FCRA)
Java 1) application signed by the appropriate entity that may be downloaded to the FCR. When an FCRA is activated, the FCR operates in secure mode [CWA XXX-2]

FINREAD Card Reader Identification Application (FCRIA)
FCRA launched on ICC insertion with the objective of blocking the transparent mode when specific applications are present in the ICC [CWA XXX-2]

payment scheme
scheme defined by an appropriate organisation to process payments. Payment scheme rules may cover: issuing and acquiring rules, ICC acceptance, clearing and settlement

1) Java, and all Java based trademarks are trademarks or registered trademarks of Sun Microsystems, Inc. in the U.S. and other countries.

3.2 Abbreviations

For the purposes of the present document, the following abbreviations apply:

ANSI: American National Standards Institute
API: Application Programme Interface
DES: Data Encryption Standard

FCR: FINREAD Card Reader (throughout this document, the abbreviation FCR refers to a compliant secure FINREAD IC card reader)
FCRA: FINREAD Card Reader Application
FCRIA: FINREAD Card Reader Identification Application
ICC, IC card: Integrated circuit card (also called smart card)
ISO: International Organization for Standardization
MD5: Message Digest algorithm Rev 5
RIPEMD-160: Message Digest algorithm (160 bits) from RACE Integrity Primitive Evaluation
RSA: Rivest, Shamir and Adleman Public-key cryptography
SHA-1: Secure Hash Algorithm Rev 1

4 Assumptions and countermeasures

This clause summarises the results obtained in the risk analysis performed, particularly the countermeasures to be applied. It also identifies the countermeasures treated in the present security requirements and those covered by assumptions.

4.1 Assumptions

Assumptions are properties, requirements or security organisational or technical measures that are supposed to be in place at different stages of the FCR life cycle. Two assumption types can be distinguished in a risk analysis:

general assumptions, which define the scope of application of the risk analysis;
environment assumptions, which are necessary to ensure that the security requirements of the complete system are met. These assumptions are related to the design, manufacturing and production environments.

FCR general assumptions

ASSUMP.1 : The security level of the IC card is out of the scope of the present CWA. It is assumed that the payment scheme or the financial institution have chosen the appropriate security requirements for the IC card.
ASSUMP.2 : The security level of the payment scheme or any other financial scheme is assumed to be secure in itself. The FCR does not add security to the application itself but provides a secure interface for cardholder interaction.
ASSUMP.3 : The only secret that shall be securely stored in the FCR is the private key used for FCR authentication. There are no additional requirements for other secrets.
ASSUMP.4 : The FCR is intended to be linked to an untrusted environment. There is no assumption or requirement for the security level of the remainder of the user environment.

FCR environment assumptions

Signature key environment

ASSUMP.5 : Private keys used for any type of download are kept in a secure environment.

User environment

ASSUMP.6 : The FCR is intended to be used in a private environment. The present CWA does not cover any use of an FCR not in a private environment.
ASSUMP.7 : In secure mode, the FCR is intended to be used with certified FCR applications. A certified FCRA / FCRIA is assumed to be secure.
ASSUMP.8 : The FCR is intended to be used with certified FCR core software. Certified FCR core software is assumed to be secure.

Designer and manufacturer environment

ASSUMP.9 : The designer (FCR and applications) issues and maintains a written procedure which describes the security rules, and applies it in the design environment.
ASSUMP.10 : The manufacturer issues and maintains a written procedure which describes the security rules, and applies it in the production environment.
ASSUMP.11 : The manufacturer ensures the protection of cryptographic keys used at all times.

The design and development stages shall be covered in other processes.

4.2 Countermeasures

Table 1 summarises the countermeasures by asset resulting from the scenarios of threats defined in the risk analysis 2). The last column indicates which countermeasures are covered by the assumptions specified in

2) Some countermeasures can be found several times in the table because they correspond to different scenarios of threats in the risk analysis performed.

Table 1 Assets and countermeasures

Asset | Countermeasure | Assumption
Core software | Organisational security measures around signature key environment | 5, 11
 | Length of keys used shall conform to the state of technology | -
 | Organisational security measures around signature key environment | 5, 11
 | Make the user aware that he should protect his FCR (a) | 6 partially
 | Procedures for FCR certification/evaluation | 8
 | Organisational security measures during design stage | 9
 | Organisational security measures during production stage | 10, 11
FCRA / FCRIA | Organisational security measures around signature key environment | 5
 | Length of keys used shall conform to the state of technology | -
 | Organisational security measures around signature key environment | 5
 | Make the user aware that he should protect his FCR (a) | 6 partially
 | Procedures for FCRA / FCRIA certification/evaluation | 7
 | Organisational security measures during design and development stages | 9
Public keys | Organisational security measures around signature key environment | 5, 11
 | Length of keys used shall conform to the state of technology | -
 | Organisational security measures around signature key environment | 5, 11
 | Length of keys used shall conform to the state of technology | -
 | Make the user aware that he should protect his FCR (a) | 6 partially
Housing | Identification of the FCR by a visual element | -
 | FCR authentication | -
 | Identification of the FCR by a visual element | -
 | FCR authentication | -
FCR as device | Identification of the FCR by a visual element | -
 | FCR authentication | -
 | Identification of the FCR by a visual element | -
 | FCR authentication | -
 | Identification of the FCR by a visual element | -
 | FCR authentication | -
 | Identification of the FCR by a visual element | -
 | Organisational security measures during production stage | 10, 11

"to be continued"
